How Azure Information Protection and Outlook Web Access work together

One of the features that can be done with Azure Information protection is the integration with Outlook Web Access, in the previous post we have  talked about the ability to integrate Azure Information Protection and Exchange Transport Rules. Today we talk about this possibility that can be used when the user does not have installed the Outlook client and the integration with Azure Information Protection client.

Follow the tips below to enable the functionality:

1 – Run powershell with administrator console

Run install-module -name AADRM

2 – Login Azure tenant

Run $cred = Get-Credential

3 – Connect to Azure Right management service

Connect-AadrmService -Credential $cred

4 – Activate the service

Enable-Aadrm

5 –  Get the configuration information needed for message encryption

$rmsConfig = Get-AadrmConfiguration

$licenseUri = $rmsConfig.LicensingIntranetDistributionPointUrl

Disconnect-AadrmService

6 –  Create a remote PowerShell session and connect to Exchange Online

$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic –AllowRedirection

Import-PSSession $session

7 –  Collect IRM configuration for Office 365

$irmConfig = Get-IRMConfiguration

$list = $irmConfig.LicensingLocation

if (!$list) { $list = @() } if (!$list.Contains($licenseUri)) { $list += $licenseUri }

8 –  Enable message encryption for Office 365

Set-IRMConfiguration -LicensingLocation

$list=Set-IRMConfiguration -AzureRMSLicensingEnabled $true -InternalLicensingEnabled $true

9  – Enable the Protect button in Outlook on the web (Optional)

Set-IRMConfiguration -SimplifiedClientAccessEnabled $true

10 –  Enable server decryption for Outlook on the web, Outlook for iOS, and Outlook for Android.

Set-IRMConfiguration -ClientAccessServerEnabled $true

11  – Verify that the new capabilities for OME are configured properly by running the TestIRMConfiguration cmdlet

Test-IRMConfiguration -Sender email address

User Expierence

 

1  – You will login into your outlook web access.

2 – Create your message, your recipients and protect it.

3 – Choose the Azure Information Protection template that you want to apply

Modern Workplace Tech appreciates the reading and hopes it has been of interest.

Microsoft articlehttps://docs.microsoft.com/en-us/office365/securitycompliance/set-up-new-message-encryption-capabilities

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.